Security Bulletin: XcodeGhost iOS malware

Summary

A new iOS malware has been discovered which originates from a malicious version of Xcode, the Apple developer tool for creating iOS applications. The malicious Xcode was made available through a Chinese cloud service and downloaded by some developers in China. Apps compiled with this Xcode become infected, and subsequently infect the iOS device they are downloaded on.

Aspera has assessed the local and build versions of Xcode used by our developers, and has determined that they are all properly delivered from Apple.

Therefore, NO Aspera products or applications are affected or at risk of becoming affected by this security breach.